Information System & Network Security Engineer

Job Description

Company: Guidehouse

Location: Washington, US

Cyber Consulting

Travel Required: Up to 10%

Clearance Required: Ability to Obtain Public Trust

What You Will Do:

System Boundary Analysis: Define and maintain system security boundaries across hybrid cloud and on-premises environments, including AWS & Azure CSPs, VMware infrastructure, and legacy datacenter assets.

Continuous Monitoring: Control Inheritance Mapping: Map technical controls across shared service environments, identifying common controls, system-specific controls, and hybrid inheritance relationships as systems migrate to cloud.

GRC Tool Administration: Manage the ingestion of infrastructure telemetry, vulnerability data, and configuration baselines into GRC platforms to automate compliance evidence collection.

Network Security Architecture: Evaluate and advise on network segmentation, firewall rules, TIC 3.0 compliance, F5 load balancer configurations, DNS security, and encrypted transit between enclaves and cloud environments.

Cloud Security Posture: Assess and harden CSP environments including VPC design, Security Groups, IAM policies, CloudTrail/GuardDuty integration, and encryption-at-rest/in-transit configurations.

Conduct security assessments of proposed architecture changes, migration plans, and new technology deployments.

Provide senior-level technical analysis during security incidents, bridging the gap between SOC triage and executive risk communication.

Work alongside ISSOs to translate technical system changes (network reconfigurations, cloud migrations, new integrations) into risk language and updated authorization documentation.

SOC Mentorship: Elevate the SOC team’s understanding of governance context, helping analysts understand how their detection and response activities map to broader risk management and compliance objectives.

Serve as the connective tissue between infrastructure engineers, application teams, ISSOs, and leadership, ensuring security decisions are informed by both technical facts and organizational risk tolerance.

Engage with contractors and vendors on security requirements, ensuring deliverables meet federal security standards.

Candidates with an ACTIVE PUBLIC TRUST or SUITABILITY are preferred

Minimum of SEVEN (7) years of progressive experience in cybersecurity engineering

Minimum of THREE (3) years of experience in a federal civilian or DoW IT environment with direct involvement in NIST RMF (SP 800-37), FedRAMP, or equivalent authorization processes.

Demonstrated experience defining or modifying system security boundaries in environments undergoing cloud migration or infrastructure modernization.

VMware/vSphere administration, AWS cloud services (VPC, IAM, CloudTrail, GuardDuty), network security (firewalls, IDS/IPS, TIC architectures), vulnerability management platforms (Tenable, Qualys), SIEM/monitoring platforms (Dynatrace, Splunk, or equivalent), load balancers and application delivery controllers (F5, etc.)

CISSP (Certified Information Systems Security Professional) – Active and in good standing AND at least one of the following:

• CCSP (Certified Cloud Security Professional)
• AWS Security Specialty Certification
• CISM (Certified Information Security Manager)
• CASP+ (CompTIA Advanced Security Practitioner)

What Would Be Nice To Have:

Experience with ColdFusion, .NET, and other legacy application environments and associated security considerations.

Familiarity with Oracle database security hardening and monitoring.

Experience with GRC platforms such as Archer, Xacta, eMASS, or RegScale.

Knowledge of CISA BOD compliance requirements, including BOD 22-01 (Known Exploited Vulnerabilities) and BOD 23-01 (asset visibility).

Experience developing or contributing to agency-level cybersecurity policies and procedures.

Familiarity with federal acquisition and contractor oversight from a security requirements perspective.

Compensation decisions depend on a wide range of factors, including but not limited to skill sets, experience and training, security clearances, licensure and certifications, and other business and organizational needs.

What We Offer:

Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.

• Medical, Rx, Dental & Vision Insurance
• Personal and Family Sick Time & Company Paid Holidays
• Position may be eligible for a discretionary variable incentive bonus
• Parental Leave and Adoption Assistance
• 401(k) Retirement Plan
• Basic Life & Supplemental Life
• Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
• Short-Term & Long-Term Disability
• Student Loan PayDown
• Tuition Reimbursement, Personal Development & Learning Opportunities
• Skills Development & Certifications
• Employee Referral Program
• Corporate Sponsored Events &

Source: BeBee